deref-track-symbolic-region.c revision d91696e8680bbe89df1076fded1bc54104526060
1// RUN: %clang_cc1 -analyze -analyzer-checker=core -analyzer-output=text -verify %s 2// RUN: %clang_cc1 -analyze -analyzer-checker=core -analyzer-output=plist-multi-file %s -o - | FileCheck %s 3 4struct S { 5 int *x; 6 int y; 7}; 8 9int *foo(); 10 11void inlined(struct S *s, int m) { 12 if (s->x) 13 //expected-note@-1{{Taking false branch}} 14 //expected-note@-2{{Assuming pointer value is null}} 15 16 m++; 17 18} 19void test(struct S syz, int *pp) { 20 int m = 0; 21 syz.x = foo(); 22 inlined(&syz, m); 23 // expected-note@-1{{Calling 'inlined'}} 24 // expected-note@-2{{Returning from 'inlined'}} 25 m += *syz.x; // expected-warning{{Dereference of null pointer (loaded from field 'x')}} 26 // expected-note@-1{{Dereference of null pointer (loaded from field 'x')}} 27} 28 29//CHECK: <dict> 30//CHECK: <key>files</key> 31//CHECK: <array> 32//CHECK: </array> 33//CHECK: <key>diagnostics</key> 34//CHECK: <array> 35//CHECK: <dict> 36//CHECK: <key>path</key> 37//CHECK: <array> 38//CHECK: <dict> 39//CHECK: <key>kind</key><string>control</string> 40//CHECK: <key>edges</key> 41//CHECK: <array> 42//CHECK: <dict> 43//CHECK: <key>start</key> 44//CHECK: <array> 45//CHECK: <dict> 46//CHECK: <key>line</key><integer>20</integer> 47//CHECK: <key>col</key><integer>3</integer> 48//CHECK: <key>file</key><integer>0</integer> 49//CHECK: </dict> 50//CHECK: <dict> 51//CHECK: <key>line</key><integer>20</integer> 52//CHECK: <key>col</key><integer>5</integer> 53//CHECK: <key>file</key><integer>0</integer> 54//CHECK: </dict> 55//CHECK: </array> 56//CHECK: <key>end</key> 57//CHECK: <array> 58//CHECK: <dict> 59//CHECK: <key>line</key><integer>22</integer> 60//CHECK: <key>col</key><integer>3</integer> 61//CHECK: <key>file</key><integer>0</integer> 62//CHECK: </dict> 63//CHECK: <dict> 64//CHECK: <key>line</key><integer>22</integer> 65//CHECK: <key>col</key><integer>9</integer> 66//CHECK: <key>file</key><integer>0</integer> 67//CHECK: </dict> 68//CHECK: </array> 69//CHECK: </dict> 70//CHECK: </array> 71//CHECK: </dict> 72//CHECK: <dict> 73//CHECK: <key>kind</key><string>event</string> 74//CHECK: <key>location</key> 75//CHECK: <dict> 76//CHECK: <key>line</key><integer>22</integer> 77//CHECK: <key>col</key><integer>3</integer> 78//CHECK: <key>file</key><integer>0</integer> 79//CHECK: </dict> 80//CHECK: <key>ranges</key> 81//CHECK: <array> 82//CHECK: <array> 83//CHECK: <dict> 84//CHECK: <key>line</key><integer>22</integer> 85//CHECK: <key>col</key><integer>3</integer> 86//CHECK: <key>file</key><integer>0</integer> 87//CHECK: </dict> 88//CHECK: <dict> 89//CHECK: <key>line</key><integer>22</integer> 90//CHECK: <key>col</key><integer>18</integer> 91//CHECK: <key>file</key><integer>0</integer> 92//CHECK: </dict> 93//CHECK: </array> 94//CHECK: </array> 95//CHECK: <key>depth</key><integer>0</integer> 96//CHECK: <key>extended_message</key> 97//CHECK: <string>Calling 'inlined'</string> 98//CHECK: <key>message</key> 99//CHECK: <string>Calling 'inlined'</string> 100//CHECK: </dict> 101//CHECK: <dict> 102//CHECK: <key>kind</key><string>event</string> 103//CHECK: <key>location</key> 104//CHECK: <dict> 105//CHECK: <key>line</key><integer>11</integer> 106//CHECK: <key>col</key><integer>1</integer> 107//CHECK: <key>file</key><integer>0</integer> 108//CHECK: </dict> 109//CHECK: <key>depth</key><integer>1</integer> 110//CHECK: <key>extended_message</key> 111//CHECK: <string>Entered call from 'test'</string> 112//CHECK: <key>message</key> 113//CHECK: <string>Entered call from 'test'</string> 114//CHECK: </dict> 115//CHECK: <dict> 116//CHECK: <key>kind</key><string>control</string> 117//CHECK: <key>edges</key> 118//CHECK: <array> 119//CHECK: <dict> 120//CHECK: <key>start</key> 121//CHECK: <array> 122//CHECK: <dict> 123//CHECK: <key>line</key><integer>11</integer> 124//CHECK: <key>col</key><integer>1</integer> 125//CHECK: <key>file</key><integer>0</integer> 126//CHECK: </dict> 127//CHECK: <dict> 128//CHECK: <key>line</key><integer>11</integer> 129//CHECK: <key>col</key><integer>4</integer> 130//CHECK: <key>file</key><integer>0</integer> 131//CHECK: </dict> 132//CHECK: </array> 133//CHECK: <key>end</key> 134//CHECK: <array> 135//CHECK: <dict> 136//CHECK: <key>line</key><integer>12</integer> 137//CHECK: <key>col</key><integer>3</integer> 138//CHECK: <key>file</key><integer>0</integer> 139//CHECK: </dict> 140//CHECK: <dict> 141//CHECK: <key>line</key><integer>12</integer> 142//CHECK: <key>col</key><integer>4</integer> 143//CHECK: <key>file</key><integer>0</integer> 144//CHECK: </dict> 145//CHECK: </array> 146//CHECK: </dict> 147//CHECK: </array> 148//CHECK: </dict> 149//CHECK: <dict> 150//CHECK: <key>kind</key><string>control</string> 151//CHECK: <key>edges</key> 152//CHECK: <array> 153//CHECK: <dict> 154//CHECK: <key>start</key> 155//CHECK: <array> 156//CHECK: <dict> 157//CHECK: <key>line</key><integer>12</integer> 158//CHECK: <key>col</key><integer>3</integer> 159//CHECK: <key>file</key><integer>0</integer> 160//CHECK: </dict> 161//CHECK: <dict> 162//CHECK: <key>line</key><integer>12</integer> 163//CHECK: <key>col</key><integer>4</integer> 164//CHECK: <key>file</key><integer>0</integer> 165//CHECK: </dict> 166//CHECK: </array> 167//CHECK: <key>end</key> 168//CHECK: <array> 169//CHECK: <dict> 170//CHECK: <key>line</key><integer>12</integer> 171//CHECK: <key>col</key><integer>7</integer> 172//CHECK: <key>file</key><integer>0</integer> 173//CHECK: </dict> 174//CHECK: <dict> 175//CHECK: <key>line</key><integer>12</integer> 176//CHECK: <key>col</key><integer>7</integer> 177//CHECK: <key>file</key><integer>0</integer> 178//CHECK: </dict> 179//CHECK: </array> 180//CHECK: </dict> 181//CHECK: </array> 182//CHECK: </dict> 183//CHECK: <dict> 184//CHECK: <key>kind</key><string>event</string> 185//CHECK: <key>location</key> 186//CHECK: <dict> 187//CHECK: <key>line</key><integer>12</integer> 188//CHECK: <key>col</key><integer>7</integer> 189//CHECK: <key>file</key><integer>0</integer> 190//CHECK: </dict> 191//CHECK: <key>ranges</key> 192//CHECK: <array> 193//CHECK: <array> 194//CHECK: <dict> 195//CHECK: <key>line</key><integer>12</integer> 196//CHECK: <key>col</key><integer>7</integer> 197//CHECK: <key>file</key><integer>0</integer> 198//CHECK: </dict> 199//CHECK: <dict> 200//CHECK: <key>line</key><integer>12</integer> 201//CHECK: <key>col</key><integer>10</integer> 202//CHECK: <key>file</key><integer>0</integer> 203//CHECK: </dict> 204//CHECK: </array> 205//CHECK: </array> 206//CHECK: <key>depth</key><integer>1</integer> 207//CHECK: <key>extended_message</key> 208//CHECK: <string>Assuming pointer value is null</string> 209//CHECK: <key>message</key> 210//CHECK: <string>Assuming pointer value is null</string> 211//CHECK: </dict> 212//CHECK: <dict> 213//CHECK: <key>kind</key><string>event</string> 214//CHECK: <key>location</key> 215//CHECK: <dict> 216//CHECK: <key>line</key><integer>22</integer> 217//CHECK: <key>col</key><integer>3</integer> 218//CHECK: <key>file</key><integer>0</integer> 219//CHECK: </dict> 220//CHECK: <key>ranges</key> 221//CHECK: <array> 222//CHECK: <array> 223//CHECK: <dict> 224//CHECK: <key>line</key><integer>22</integer> 225//CHECK: <key>col</key><integer>3</integer> 226//CHECK: <key>file</key><integer>0</integer> 227//CHECK: </dict> 228//CHECK: <dict> 229//CHECK: <key>line</key><integer>22</integer> 230//CHECK: <key>col</key><integer>18</integer> 231//CHECK: <key>file</key><integer>0</integer> 232//CHECK: </dict> 233//CHECK: </array> 234//CHECK: </array> 235//CHECK: <key>depth</key><integer>1</integer> 236//CHECK: <key>extended_message</key> 237//CHECK: <string>Returning from 'inlined'</string> 238//CHECK: <key>message</key> 239//CHECK: <string>Returning from 'inlined'</string> 240//CHECK: </dict> 241//CHECK: <dict> 242//CHECK: <key>kind</key><string>control</string> 243//CHECK: <key>edges</key> 244//CHECK: <array> 245//CHECK: <dict> 246//CHECK: <key>start</key> 247//CHECK: <array> 248//CHECK: <dict> 249//CHECK: <key>line</key><integer>22</integer> 250//CHECK: <key>col</key><integer>3</integer> 251//CHECK: <key>file</key><integer>0</integer> 252//CHECK: </dict> 253//CHECK: <dict> 254//CHECK: <key>line</key><integer>22</integer> 255//CHECK: <key>col</key><integer>9</integer> 256//CHECK: <key>file</key><integer>0</integer> 257//CHECK: </dict> 258//CHECK: </array> 259//CHECK: <key>end</key> 260//CHECK: <array> 261//CHECK: <dict> 262//CHECK: <key>line</key><integer>25</integer> 263//CHECK: <key>col</key><integer>3</integer> 264//CHECK: <key>file</key><integer>0</integer> 265//CHECK: </dict> 266//CHECK: <dict> 267//CHECK: <key>line</key><integer>25</integer> 268//CHECK: <key>col</key><integer>3</integer> 269//CHECK: <key>file</key><integer>0</integer> 270//CHECK: </dict> 271//CHECK: </array> 272//CHECK: </dict> 273//CHECK: </array> 274//CHECK: </dict> 275//CHECK: <dict> 276//CHECK: <key>kind</key><string>control</string> 277//CHECK: <key>edges</key> 278//CHECK: <array> 279//CHECK: <dict> 280//CHECK: <key>start</key> 281//CHECK: <array> 282//CHECK: <dict> 283//CHECK: <key>line</key><integer>25</integer> 284//CHECK: <key>col</key><integer>3</integer> 285//CHECK: <key>file</key><integer>0</integer> 286//CHECK: </dict> 287//CHECK: <dict> 288//CHECK: <key>line</key><integer>25</integer> 289//CHECK: <key>col</key><integer>3</integer> 290//CHECK: <key>file</key><integer>0</integer> 291//CHECK: </dict> 292//CHECK: </array> 293//CHECK: <key>end</key> 294//CHECK: <array> 295//CHECK: <dict> 296//CHECK: <key>line</key><integer>25</integer> 297//CHECK: <key>col</key><integer>8</integer> 298//CHECK: <key>file</key><integer>0</integer> 299//CHECK: </dict> 300//CHECK: <dict> 301//CHECK: <key>line</key><integer>25</integer> 302//CHECK: <key>col</key><integer>8</integer> 303//CHECK: <key>file</key><integer>0</integer> 304//CHECK: </dict> 305//CHECK: </array> 306//CHECK: </dict> 307//CHECK: </array> 308//CHECK: </dict> 309//CHECK: <dict> 310//CHECK: <key>kind</key><string>event</string> 311//CHECK: <key>location</key> 312//CHECK: <dict> 313//CHECK: <key>line</key><integer>25</integer> 314//CHECK: <key>col</key><integer>8</integer> 315//CHECK: <key>file</key><integer>0</integer> 316//CHECK: </dict> 317//CHECK: <key>ranges</key> 318//CHECK: <array> 319//CHECK: <array> 320//CHECK: <dict> 321//CHECK: <key>line</key><integer>25</integer> 322//CHECK: <key>col</key><integer>13</integer> 323//CHECK: <key>file</key><integer>0</integer> 324//CHECK: </dict> 325//CHECK: <dict> 326//CHECK: <key>line</key><integer>25</integer> 327//CHECK: <key>col</key><integer>13</integer> 328//CHECK: <key>file</key><integer>0</integer> 329//CHECK: </dict> 330//CHECK: </array> 331//CHECK: </array> 332//CHECK: <key>depth</key><integer>0</integer> 333//CHECK: <key>extended_message</key> 334//CHECK: <string>Dereference of null pointer (loaded from field 'x')</string> 335//CHECK: <key>message</key> 336//CHECK: <string>Dereference of null pointer (loaded from field 'x')</string> 337//CHECK: </dict> 338//CHECK: </array> 339//CHECK: <key>description</key><string>Dereference of null pointer (loaded from field 'x')</string> 340//CHECK: <key>category</key><string>Logic error</string> 341//CHECK: <key>type</key><string>Dereference of null pointer</string> 342//CHECK: <key>issue_context_kind</key><string>function</string> 343//CHECK: <key>issue_context</key><string>test</string> 344//CHECK: <key>issue_hash</key><integer>6</integer> 345//CHECK: <key>location</key> 346//CHECK: <dict> 347//CHECK: <key>line</key><integer>25</integer> 348//CHECK: <key>col</key><integer>8</integer> 349//CHECK: <key>file</key><integer>0</integer> 350//CHECK: </dict> 351//CHECK: </dict> 352//CHECK: </array> 353//CHECK: </dict> 354//CHECK: </plist> 355